Search criteria
10 vulnerabilities found for r32cpu_firmware by mitsubishielectric
CVE-2022-40267 (GCVE-0-2022-40267)
Vulnerability from nvd – Published: 2023-01-20 07:52 – Updated: 2024-08-03 12:14
VLAI?
Title
Authentication Bypass Vulnerability in Web Server Function on MELSEC Series
Summary
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers.
Severity ?
5.9 (Medium)
CWE
- CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-F Series FX5U-32MT/ES |
Affected:
serial number 17X**** or later, and versions 1.280 and prior
Affected: serial number 179**** and prior, and versions 1.074 and prior |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1646"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU99673580/index.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-80mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-80mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-32mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-32mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-64mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-64mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-80mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-80mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/d_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/d_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-64mt\\/d_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-64mt\\/d_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-96mt\\/d_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-96mt\\/d_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-64mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-64mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-96mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-96mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/ds-ts_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/ds-ts_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/dss-ts_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/dss-ts_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mr\\/ds-ts_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mr\\/ds-ts_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r00cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r00cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r01cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r01cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r02cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r02cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r04cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r04cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r08cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r08cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r16cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r16cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r32cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r32cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r120cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r120cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r04encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r04encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r08encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r08encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r16encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r16encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r32encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r32encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r120encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r120encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mt\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mt\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mt\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mr\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mr\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mr\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mr\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mr\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mr\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-30mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-30mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-40mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-40mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-60mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-60mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-80mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-80mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-30mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-30mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-40mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-40mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-60mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-60mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-80mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-80mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-30mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-30mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-40mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-40mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-60mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-60mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-80mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-80mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40267",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T16:29:24.302691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T17:23:35.219Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Seres FX5U-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 1.280 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 1.280 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 1.280 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R00CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R01CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers."
}
],
"value": "Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-337",
"description": "CWE-337 Predictable Seed in Pseudo-Random Number Generator (PRNG) ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T03:55:27.038Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU99673580/index.html"
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication Bypass Vulnerability in Web Server Function on MELSEC Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-40267",
"datePublished": "2023-01-20T07:52:56.784Z",
"dateReserved": "2022-09-08T19:40:16.931Z",
"dateUpdated": "2024-08-03T12:14:39.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20591 (GCVE-0-2021-20591)
Vulnerability from nvd – Published: 2021-06-11 15:52 – Updated: 2024-08-03 17:45
VLAI?
Summary
Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition.
Severity ?
No CVSS data available.
CWE
- Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | MELSEC iQ-R series CPU modules |
Affected:
R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU98060539/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MELSEC iQ-R series CPU modules",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-11T15:52:45",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU98060539/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2021-20591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-R series CPU modules",
"version": {
"version_data": [
{
"version_value": "R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU98060539/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU98060539/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2021-20591",
"datePublished": "2021-06-11T15:52:45",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:45:44.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16850 (GCVE-0-2020-16850)
Vulnerability from nvd – Published: 2020-11-30 21:34 – Updated: 2024-08-04 13:45
VLAI?
Summary
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:33.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-30T21:34:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series",
"refsource": "MISC",
"url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16850",
"datePublished": "2020-11-30T21:34:28",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2024-08-04T13:45:33.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5668 (GCVE-0-2020-5668)
Vulnerability from nvd – Published: 2020-11-20 03:30 – Updated: 2024-08-04 08:39
VLAI?
Summary
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet
Severity ?
No CVSS data available.
CWE
- Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R |
Affected:
R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95980140/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MELSEC iQ-R",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T11:15:29",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95980140/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-R",
"version": {
"version_data": [
{
"version_value": "R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf"
},
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05"
},
{
"name": "https://jvn.jp/vu/JVNVU95980140/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95980140/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5668",
"datePublished": "2020-11-20T03:30:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5527 (GCVE-0-2020-5527)
Vulnerability from nvd – Published: 2020-03-30 07:10 – Updated: 2024-08-04 08:30
VLAI?
Summary
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions.
Severity ?
No CVSS data available.
CWE
- Denial-of-service (DoS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series |
Affected:
MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial-of-service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-30T07:10:14",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5527",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series",
"version": {
"version_data": [
{
"version_value": "MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
},
{
"name": "https://jvn.jp/en/vu/JVNVU91553662/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5527",
"datePublished": "2020-03-30T07:10:14",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-40267 (GCVE-0-2022-40267)
Vulnerability from cvelistv5 – Published: 2023-01-20 07:52 – Updated: 2024-08-03 12:14
VLAI?
Title
Authentication Bypass Vulnerability in Web Server Function on MELSEC Series
Summary
Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers.
Severity ?
5.9 (Medium)
CWE
- CWE-337 - Predictable Seed in Pseudo-Random Number Generator (PRNG)
Assigner
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-F Series FX5U-32MT/ES |
Affected:
serial number 17X**** or later, and versions 1.280 and prior
Affected: serial number 179**** and prior, and versions 1.074 and prior |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:14:39.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1646"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU99673580/index.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-80mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-80mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-32mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-32mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-64mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-64mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5u-80mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5u-80mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/d_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/d_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-64mt\\/d_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-64mt\\/d_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-96mt\\/d_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-96mt\\/d_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-64mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-64mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-96mt\\/dss_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-96mt\\/dss_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/ds-ts_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/ds-ts_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mt\\/dss-ts_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mt\\/dss-ts_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uc-32mr\\/ds-ts_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uc-32mr\\/ds-ts_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r00cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r00cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r01cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r01cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r02cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r02cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r04cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r04cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r08cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r08cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r16cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r16cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r32cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r32cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r120cpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r120cpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r04encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r04encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r08encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r08encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r16encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r16encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r32encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r32encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:r120encpu_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "r120encpu_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mt\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mt\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mt\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mt\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mt\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mt\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-24mr\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-24mr\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-40mr\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-40mr\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5uj-60mr\\/es-a_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5uj-60mr\\/es-a_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-30mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-30mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-40mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-40mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-60mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-60mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-80mt\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-80mt\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-30mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-30mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-40mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-40mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-60mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-60mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-80mr\\/es_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-80mr\\/es_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-30mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-30mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-40mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-40mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-60mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-60mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:mitsubishielectric:fx5s-80mt\\/ess_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "fx5s-80mt\\/ess_firmware",
"vendor": "mitsubishielectric",
"versions": [
{
"lessThanOrEqual": "1.042",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40267",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T16:29:24.302691Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T17:23:35.219Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Seres FX5U-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MR/DS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5U-80MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/D",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "serial number 17X**** or later, and versions 1.280 and prior"
},
{
"status": "affected",
"version": "serial number 179**** and prior, and versions 1.074 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 1.280 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 1.280 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 1.280 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R00CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R01CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R02CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 33 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120CPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R04ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R08ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R16ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R32ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-R Series R120ENCPU",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "versions 66 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.042 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MT/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-24MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-40MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5UJ-60MR/ES-A",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.043 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MR/ES",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-30MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-40MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-60MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MELSEC iQ-F Series FX5S-80MT/ESS",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "1.003 and prior"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers."
}
],
"value": "Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/z (x=24,40,60, y=T,R, z=ES,ESS) versions 1.042 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UJ-xMy/ES-A (x=24,40,60, y=T,R) versions 1.043 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5S-xMy/z (x=30,40,60,80, y=T,R, z=ES,ESS) versions 1.003 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU versions 33 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU versions 66 and prior allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-337",
"description": "CWE-337 Predictable Seed in Pseudo-Random Number Generator (PRNG) ",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T03:55:27.038Z",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU99673580/index.html"
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authentication Bypass Vulnerability in Web Server Function on MELSEC Series",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2022-40267",
"datePublished": "2023-01-20T07:52:56.784Z",
"dateReserved": "2022-09-08T19:40:16.931Z",
"dateUpdated": "2024-08-03T12:14:39.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-20591 (GCVE-0-2021-20591)
Vulnerability from cvelistv5 – Published: 2021-06-11 15:52 – Updated: 2024-08-03 17:45
VLAI?
Summary
Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition.
Severity ?
No CVSS data available.
CWE
- Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | MELSEC iQ-R series CPU modules |
Affected:
R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:45:44.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU98060539/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MELSEC iQ-R series CPU modules",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-11T15:52:45",
"orgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"shortName": "Mitsubishi"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU98060539/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"ID": "CVE-2021-20591",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-R series CPU modules",
"version": {
"version_data": [
{
"version_value": "R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption vulnerability in Mitsubishi Electric MELSEC iQ-R series CPU modules (R00/01/02CPU all versions, R04/08/16/32/120(EN)CPU all versions, R08/16/32/120SFCPU all versions, R08/16/32/120PCPU all versions, R08/16/32/120PSFCPU all versions) allows a remote unauthenticated attacker to prevent legitimate clients from connecting to the MELSOFT transmission port (TCP/IP) by not closing a connection properly, which may lead to a denial of service (DoS) condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2021-003_en.pdf"
},
{
"name": "https://jvn.jp/vu/JVNVU98060539/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU98060539/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0f77b61-78fd-4786-b3fb-1ee347a748ad",
"assignerShortName": "Mitsubishi",
"cveId": "CVE-2021-20591",
"datePublished": "2021-06-11T15:52:45",
"dateReserved": "2020-12-17T00:00:00",
"dateUpdated": "2024-08-03T17:45:44.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-16850 (GCVE-0-2020-16850)
Vulnerability from cvelistv5 – Published: 2020-11-30 21:34 – Updated: 2024-08-04 13:45
VLAI?
Summary
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:33.224Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-30T21:34:28",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series",
"refsource": "MISC",
"url": "https://blog.scadafence.com/vulnerability-in-mitsubishi-electric-melsec-iq-r-series"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-282-02"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16850",
"datePublished": "2020-11-30T21:34:28",
"dateReserved": "2020-08-04T00:00:00",
"dateUpdated": "2024-08-04T13:45:33.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5668 (GCVE-0-2020-5668)
Vulnerability from cvelistv5 – Published: 2020-11-20 03:30 – Updated: 2024-08-04 08:39
VLAI?
Summary
Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet
Severity ?
No CVSS data available.
CWE
- Uncontrolled Resource Consumption
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSEC iQ-R |
Affected:
R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/vu/JVNVU95980140/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MELSEC iQ-R",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T11:15:29",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/vu/JVNVU95980140/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5668",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-R",
"version": {
"version_data": [
{
"version_value": "R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version \u002719\u0027 and earlier, R04/08/16/32/120 (EN) CPU firmware version \u002751\u0027 and earlier, R08/16/32/120SFCPU firmware version \u002722\u0027 and earlier, R08/16/32/120PCPU firmware version \u002725\u0027 and earlier, R08/16/32/120PSFCPU firmware version \u002706\u0027 and earlier, RJ71EN71 firmware version \u002747\u0027 and earlier, RJ71GF11-T2 firmware version \u002747\u0027 and earlier, RJ72GF15-T2 firmware version \u002707\u0027 and earlier, RJ71GP21-SX firmware version \u002747\u0027 and earlier, RJ71GP21S-SX firmware version \u002747\u0027 and earlier, and RJ71GN11-T2 firmware version \u002711\u0027 and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.co.jp/psirt/vulnerability/pdf/2020-016.pdf"
},
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2020-016_en.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-324-05"
},
{
"name": "https://jvn.jp/vu/JVNVU95980140/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/vu/JVNVU95980140/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5668",
"datePublished": "2020-11-20T03:30:23",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5527 (GCVE-0-2020-5527)
Vulnerability from cvelistv5 – Published: 2020-03-30 07:10 – Updated: 2024-08-04 08:30
VLAI?
Summary
When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions.
Severity ?
No CVSS data available.
CWE
- Denial-of-service (DoS)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mitsubishi Electric Corporation | MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series |
Affected:
MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:30:24.568Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series",
"vendor": "Mitsubishi Electric Corporation",
"versions": [
{
"status": "affected",
"version": "MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial-of-service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-30T07:10:14",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2020-5527",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MELSOFT transmission port (UDP/IP) of multiple Mitsubishi Electric MELSEC series",
"version": {
"version_data": [
{
"version_value": "MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions)"
}
]
}
}
]
},
"vendor_name": "Mitsubishi Electric Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), MELSEC iQ-F series (all versions), MELSEC Q series (all versions), MELSEC L series (all versions), and MELSEC F series (all versions) receives massive amount of data via unspecified vectors, resource consumption occurs and the port does not process the data properly. As a result, it may fall into a denial-of-service (DoS) condition. The vendor states this vulnerability only affects Ethernet communication functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf",
"refsource": "MISC",
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2019-005_en.pdf"
},
{
"name": "https://jvn.jp/en/vu/JVNVU91553662/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU91553662/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2020-5527",
"datePublished": "2020-03-30T07:10:14",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:30:24.568Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}